Vulnerability Description
The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make it so the application cannot create the signature for the user and results in a local denial of service to the application.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Savoirfairelinux | Jami | 20222284 |
Related Weaknesses (CWE)
References
- https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-HanThird Party Advisory
- https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-jRelease Notes
- https://review.jami.net/c/jami-daemon/+/23575Patch
- https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-HanThird Party Advisory
- https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-jRelease Notes
- https://review.jami.net/c/jami-daemon/+/23575Patch
FAQ
What is CVE-2023-3433?
CVE-2023-3433 is a vulnerability with a CVSS score of 5.5 (MEDIUM). The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make i...
How severe is CVE-2023-3433?
CVE-2023-3433 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-3433?
Check the references section above for vendor advisories and patch information. Affected products include: Savoirfairelinux Jami.